dd4be662ba357e0fc8b48da125382963_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd4be662ba357e0fc8b48da125382963_JaffaCakes118
Size

538KB
MD5

dd4be662ba357e0fc8b48da125382963
SHA1

a85ee7ecd80756abbb6a84b5da43f745a46e1161
SHA256

fe0f3df40bf025ddf3097f184dd4c6a3d3505e564983bdd81c8f1291280a1f1e
SHA512

9e16d41d857acc5d5ca0398fa53a7be5f87d69d79e6e4818d89073161a2b5eb9e4b51fbd54d7a8be4333b0a7a9b5695471a0ecf3e0447729dcd324c257f1f020
SSDEEP

12288:fVcFcukvf0SNnRIOTDntKBWl94ne+oU0vImqszOgtFDzi:muHR3TicLtFXi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd4be662ba357e0fc8b48da125382963_JaffaCakes118

Files

dd4be662ba357e0fc8b48da125382963_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24a8666aea7556182a5e210d81cf701a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetLocaleInfoA
EnterCriticalSection
WideCharToMultiByte
FreeEnvironmentStringsA
LCMapStringA
IsValidLocale
EnumCalendarInfoA
OpenMutexA
GlobalSize
OpenEventW
GetEnvironmentStringsW
DeleteFiber
GetVersionExA
HeapFree
CompareStringW
UnhandledExceptionFilter
IsBadWritePtr
GetNamedPipeHandleStateW
HeapDestroy
TlsSetValue
MultiByteToWideChar
GetStdHandle
GetCompressedFileSizeA
GetVolumeInformationA
GetCommandLineA
CompareStringA
WriteProfileSectionW
DeleteCriticalSection
GetTimeFormatA
FlushFileBuffers
lstrcpy
GetCPInfo
VirtualAlloc
GetModuleFileNameA
GetProcAddress
HeapReAlloc
ReadFile
GetLocaleInfoW
QueryPerformanceCounter
SetConsoleWindowInfo
GetDateFormatA
GetStringTypeA
AllocConsole
WaitForDebugEvent
GetTickCount
TerminateProcess
GetCurrentThread
GetUserDefaultLCID
GetEnvironmentStrings
GetFileType
GetSystemInfo
IsValidCodePage
HeapLock
InterlockedExchange
SetEnvironmentVariableA
RtlUnwind
TlsFree
FreeEnvironmentStringsW
HeapAlloc
GetTimeZoneInformation
LoadLibraryA
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcess
VirtualFree
HeapCreate
CreateMutexA
InitializeCriticalSection
EnumSystemLocalesA
LCMapStringW
ExitThread
FindResourceW
GetTempPathW
VirtualQuery
TlsAlloc
GetModuleHandleA
FindFirstFileA
GetStringTypeW
VirtualProtect
GetLastError
CloseHandle
GetACP
GetTempFileNameW
SetFilePointer
LeaveCriticalSection
TlsGetValue
SetHandleCount
GetCurrentProcessId
GetOEMCP
GetCurrentThreadId
WriteFile
ExitProcess
GetStartupInfoA
HeapSize
SetLastError
GetProfileIntW

user32

RegisterClassA
GetTabbedTextExtentA
GetClassLongA
WaitMessage
DdeAddData
CallMsgFilter
TileWindows
GetGUIThreadInfo
GetWindow
RegisterClassExA
EnumClipboardFormats
EndDialog

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24a8666aea7556182a5e210d81cf701a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 204KB - Virtual size: 204KB

.rdata Size: 8KB - Virtual size: 16KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 204KB - Virtual size: 204KB

.rdata
Size: 8KB - Virtual size: 16KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 10KB - Virtual size: 9KB